基于信息距离的信息系统等级保护评价方法
|
摘要
信息系统安全策略配置是信息系统等级保护的重要措施和组成部分,目的是确保在相应的安全等级下的最优最小安全配置。以信息距离为理论基础,通过对信息系统资产安全策略配置的随机调查,建立基于信息距离的分布函数,定性度量出资产的置信区间,从而构建信息系统等级保护等级的评判方法。该方法具有计算简单、直观、可靠性高等特点,为等级保护评价提供一种新的理论依据与方法。
The configuration of information system security policy was an important measure and component of the level protection of information system.The purpose was to ensure the optimal minimum security configuration under the corresponding security level.Based on the theory of information distance this paper,establishes a distribution function by random investigation of the allocation of information system assets security strategy,and measures the confidence interval of the assets qualitatively,thus constructs the evaluation method of the level protection level of the information system.The method is simple,intuitive and high reliability;It provides a new theoretical basis and method for grading protection evaluation.
The configuration of information system security policy was an important measure and component of the level protection of information system.The purpose was to ensure the optimal minimum security configuration under the corresponding security level.Based on the theory of information distance this paper,establishes a distribution function by random investigation of the allocation of information system assets security strategy,and measures the confidence interval of the assets qualitatively,thus constructs the evaluation method of the level protection level of the information system.The method is simple,intuitive and high reliability;It provides a new theoretical basis and method for grading protection evaluation.
引文
[1]杨磊,郭志博.信息安全等级保护的等级测评[J].中国人民公安大学学报(自然科学版),2007(1):50-53.YANG Lei,GUO Zhibo.Level assessment of information security level protection[J].Journal of Chinese Peoples Public Security University(Science and Technology),2007(1):50-53.
[2]张文勇,李维华,唐作其.信息系统安全等级保护测评中网络安全现场测评方法研究[J].电子科技技术,2016,3(3):272-276.ZHANG Wenyong,LING Weihua,TANG Zuoqi.Research on the method of metwork security evaluation on the spot for classified protection of information system[J].Electronic Science&Technology,2016,3(3):272-276.
[3]任卫红.基于指标测量的等级保护有效性测评方法[C]//第六届全国网络安全等级保护技术大会论文集.上海:公安部第一研究所,2017.REN Weihong.Level protection effectiveness evaluation method based on indicator measurement[C]//Proceedings of the 6th National Network Security Protection Technology Conference.Shanghai:First Institute of Public Security,2017.
[4]朱丹,谢晓尧,徐洋,等.基于云模型与贝叶斯反馈的网络安全等级评估方法[J].山东大学学报(理学版),2018,53(1):53-62.ZHU Dan,XIE Xiaoxiao,XU Yang,et al.Evaluation method of network Security level based on cloud model and Bayesian feedback[J].Journal of Shandong University(Natural Science),2018,53(1):53-62.
[5]曹兆泉.基于D-S证据理论的信息系统安全等级测评结果判决方法研究[D].北京:北京邮电大学,2010.CAO Zhaoquan.Research on evaluation method of information system of classified protection based on Dempster-Shafer theory[D].Beijing:Beijing University of Posts and Telecommunications,2010.
[6]石桂花,徐超,刘君.基于云安全服务平台的等级保护测评方法[J].移动通信,2017,41(21):10-15.SHI Guihua,XU Chao,LIU Jun.Method of level protection evaluation based on cloud security service platform[J].Mobile Communication,2017,41(21):10-15.
[7]唐作其,黄玉洁,梁静,等.基于灰色模糊综合理论的信息系统定级[J].北京工业大学学报,2018,44(7):34-40.TANG Zuoqi,HUANG Yujie,LIANG Jing.Classification of information system based on Gray-fuzzy comprehensive theory[J].Journal of Beijing University of Technology,2018,44(7):34-40.
[8]ZHOU Chao,PAN Ping,MAO Xinyue et al.Risk analysis of information system security based on distance of informationstate transition[J].Wuhan University Journal of Natural Sciences,2018,23(3):210-218.
[9]管萍,宋良荣.网络环境下信息距离的测度与优化[J].情报学报,2017,36(12):1302-1308.GUAN Ping,SONG Liangrong.Measurement and optimization of distance of information-state transition under a network environment[J].Journal of the China Society for Scientific and Technical Information,2017,36(12):1302-1308.
[10]李杨,郭亚军,杨友良.基于K-L信息距离的证据冲突特征识别与应用[J].系统工程理论与实践,2014,34(8):2071-2077.LI Yang,GUO Yajun,YANG Youliang.Identification and application of the evidence conflict based on K-L information distance[J].Systems Engineering-Theory&Practice,2014,34(8):2071-2077.
[2]张文勇,李维华,唐作其.信息系统安全等级保护测评中网络安全现场测评方法研究[J].电子科技技术,2016,3(3):272-276.ZHANG Wenyong,LING Weihua,TANG Zuoqi.Research on the method of metwork security evaluation on the spot for classified protection of information system[J].Electronic Science&Technology,2016,3(3):272-276.
[3]任卫红.基于指标测量的等级保护有效性测评方法[C]//第六届全国网络安全等级保护技术大会论文集.上海:公安部第一研究所,2017.REN Weihong.Level protection effectiveness evaluation method based on indicator measurement[C]//Proceedings of the 6th National Network Security Protection Technology Conference.Shanghai:First Institute of Public Security,2017.
[4]朱丹,谢晓尧,徐洋,等.基于云模型与贝叶斯反馈的网络安全等级评估方法[J].山东大学学报(理学版),2018,53(1):53-62.ZHU Dan,XIE Xiaoxiao,XU Yang,et al.Evaluation method of network Security level based on cloud model and Bayesian feedback[J].Journal of Shandong University(Natural Science),2018,53(1):53-62.
[5]曹兆泉.基于D-S证据理论的信息系统安全等级测评结果判决方法研究[D].北京:北京邮电大学,2010.CAO Zhaoquan.Research on evaluation method of information system of classified protection based on Dempster-Shafer theory[D].Beijing:Beijing University of Posts and Telecommunications,2010.
[6]石桂花,徐超,刘君.基于云安全服务平台的等级保护测评方法[J].移动通信,2017,41(21):10-15.SHI Guihua,XU Chao,LIU Jun.Method of level protection evaluation based on cloud security service platform[J].Mobile Communication,2017,41(21):10-15.
[7]唐作其,黄玉洁,梁静,等.基于灰色模糊综合理论的信息系统定级[J].北京工业大学学报,2018,44(7):34-40.TANG Zuoqi,HUANG Yujie,LIANG Jing.Classification of information system based on Gray-fuzzy comprehensive theory[J].Journal of Beijing University of Technology,2018,44(7):34-40.
[8]ZHOU Chao,PAN Ping,MAO Xinyue et al.Risk analysis of information system security based on distance of informationstate transition[J].Wuhan University Journal of Natural Sciences,2018,23(3):210-218.
[9]管萍,宋良荣.网络环境下信息距离的测度与优化[J].情报学报,2017,36(12):1302-1308.GUAN Ping,SONG Liangrong.Measurement and optimization of distance of information-state transition under a network environment[J].Journal of the China Society for Scientific and Technical Information,2017,36(12):1302-1308.
[10]李杨,郭亚军,杨友良.基于K-L信息距离的证据冲突特征识别与应用[J].系统工程理论与实践,2014,34(8):2071-2077.LI Yang,GUO Yajun,YANG Youliang.Identification and application of the evidence conflict based on K-L information distance[J].Systems Engineering-Theory&Practice,2014,34(8):2071-2077.